Patron Privacy Statement
Illinois State University, Milner Library
Illinois State University’s Milner Library ("the Library", "we", "us", "our") respects your privacy. We have developed this privacy statement to inform you what information we collect, how we use, protect and release it, and how you are entitled to access it. This privacy statement applies to the websites we administer, the email you send us and electronic services we provide.
Milner Library is committed to the American Library Association’s Library Bill of Rights. We adhere to the State of Illinois’ Library Records Confidentiality Act (75 ILCS 70). However, as a body corporate and politic of the State of Illinois, Illinois State University is also subject to the Illinois Freedom of Information Act (5 ILCS 140 et seq).
When you visit our websites to read or download information, we do not collect personal information about you. In particular, we do not use "cookies" to collect or store personal information. We do use personal information that you supply in online forms, email, and other requests for information and services to respond to your requests. This may involve redirecting your inquiry or comment to another person or department better suited to meeting your needs.
Information that Milner Library may gather and retain about current and valid library users includes, but is not limited to, the following:
- Archives: Patrons must complete a patron registration form that asks for name, contact information, status (i.e., student, staff, faculty, etc.), institutional affiliation and research interests/purpose.
- Circulation Information: Patron records contain patrons’ names, home addresses, telephone numbers and e-mail addresses supplied to us by the Registrar and by Human Resources.
- Collection Development: This includes information regarding the request, purchase, transfer, and related collection management requests linked to individual users or groups of users (e.g., departments).
- Computer Workstation Usage: Patrons using computers in Milner Library must follow the ISU Policy on Appropriate Use of Information Technology Resources and Systems (ISU Policy 9.2) and the Milner Library Computer and Internet Acceptable Use Policy.
- Interlibrary Loan / Document Delivery: This includes all information that identifies a user as requesting specific materials.
- Library Surveys / Assessment Projects: This includes any information or data obtained through surveys (group or individual interviews or other means) in support of assessment of services, collections, facilities, resources, etc., or in support of research related to library and information services. Any data collected in the course of research is subject to additional review of privacy and confidentiality protections (ISU’s Research and Sponsored Program’s Human Subjects in Research).
- Reference/Research Transactions: When contacted by a patron for reference or research assistance, we may ask patrons for their name, contact information, nature of their query, and resources already consulted by the patron. We use this information to respond to the patron as effectively and efficiently as possible. We maintain information about the transaction, such as date, time, type of inquiry, method used by the patron to contact the library, patron status (e.g., student, faculty, and community member), the question, and our response.
- User Registration Information: This includes any information the library requires users (faculty, staff, students, or others) to provide in order to become eligible to access or borrow materials. Such information includes addresses, telephone numbers, and identification numbers.
- Wi-Fi: The campus network logs user ID, IP addresses, MAC address, the data and time of connection, access point(s) that were utilized, and aggregated totals on application traffic. The information is utilized to analyze patterns, events, trouble spots, incidents, or other management/security issues that are necessary to operate and maintain the infrastructure and help optimize network operations. Campus follows legal guidelines for use information, such as law enforcement requests or other legally required or policy/management based requests that are allowable under both State and Federal law.
- Other Information Required to Provide Library Services: This includes any identifying information obtained to provide library services not previously listed.
Data Integrity and Security
The data we collect and maintain at the library must be accurate and secure. Although no method can guarantee the complete security of data, we take steps to protect the privacy and accuracy of user data. The ISU Library is committed to investing in appropriate technology to protect the security of personally identifiable information while it is in the library's custody. We also pledge to work with third-party information service suppliers who have similar respect for protecting personally identifiable information.
- Services that Require User Login: In-library computers allow use of most library resources without logging in. Use of the full resources of the World Wide Web and of the full power of some subscription databases requires that a user log on to the workstation, either with his/her ULID and password or with a guest account. Data about which users were connected to which machine is collected, in accordance with University policy, and stored with very limited access by staff. Users of electronic resources that require authorization for their use are also asked to log in when they connect from outside the university IP address ranges. The data kept from these transactions does not include information linking the user to the resources to which the user connected or about searches completed and records viewed.
- Security Measures: Our security measures involve both managerial and technical policies and procedures to protect against loss and the unauthorized access, destruction, use, or disclosure of the data. Our managerial measures include internal organizational procedures that limit access to data and prohibit those individuals with access from utilizing the data for unauthorized purposes. Our technical security measures to prevent unauthorized access include encryption in the transmission and storage of data; limits on access through use of passwords; and storage of data on secure servers or computers that are inaccessible from a modem or network connection.
- Staff Access to Personal Data: We permit only authorized Library staff with assigned confidential passwords to access personal data stored in the Library's computer system for the purpose of performing library work. Milner Library will not disclose any personal data collected from users to any other party except where required by law, to report a suspected violation of law or University policy, or to fulfill an individual user's service request. We do not sell or lease users' personal information to commercial enterprises, organizations or individuals.
If you have questions regarding this policy, please contact Dane Ward, Dean of Milner Library.
Revised August 2015 and reviewed by the Illinois State University Office of General Counsel
During initial development of this policy, llinois State University’s Milner Library received permission from the IUPUI University Library, Texas A&M and University of Chicago Library to adapt their patron privacy policies.